Khader Syed

I'm back with SaltStack

Sun May 24 2015


So, I resurrected my old blog from the git repository, changed the background and and got the site back online. Most everything is still the same, cause why fix something that isn’t broken?

I wanted to use a different framework for my website, but nothing was easy, minimalist or up to my taste.. So, I’m back to using Jekyll and Amazon S3 for my hosting, cause pourquoi pas! It’s cheap and simple. All my templates and updates are synced to a private repository and so, everything is back the way it was. Tadaaaa!!

We use a lot of different software and tools to manage and monitor systems and services at my workplace. I thought it would be a good idea to get back to blogging about all the stuff I do. All of this is stuff I learnt online and some of it I figured out on my own, because there just wasn’t enough information either in the manuals or online.

We use ansible to do a lot of cloud orchestration, deployment of services etc., Lately, I’ve been looking at how we can improve the way we do things and have been trying out SaltStack. I’ve been finding it a lot more interesting. Here’s what I did to get started with it. I used the SaltStack walkthrough as my starting point.

Before you start, ensure you have the EPEL repo installed, since it contains the necessary salt packages. Do the following and you should have the latest version of epel release for your distro:

$ sudo yum install epel-release

I installed the zeromq4 COPR repository, because I wanted to use SaltStack with zeromq4 and not zeromq3, which is the default on CentOS 6. Ensure you download the repository for your specific distro. For CentOS 6, I did the following:

$ cd /etc/yum.repos.d/
$ sudo wget -c

Ensure the zeromq4 COPR repository is enabled by setting enabled=1 in the repo file you just downloaded. After that, I installed salt using the following command:

$ sudo yum install salt salt-api salt-cloud salt-master salt-minion salt-ssh salt-syndic --enablerepo epel

That automagically picks the latest version of zeromq4 and salt packages. You don’t really need all those packages, but I installed all of them, since I plan to use them as I go. You just need salt, salt-master and salt-minion for a typical install and salt-cloud if you plan to use salt to manage your cloud infrastructure. I plan to use salt-cloud for all the servers we have in HP Cloud and AWS.

I did not change anything in /etc/salt/master, since by default salt-master runs on all interfaces. You can change this line in /etc/salt/master to change the interface IP you want it to bind to:

# Interface the master should bind to

There are lots of other changes that need to be done, but I want to start with the basic setup first. Next, I edited /etc/salt/minion to point to the master and identify the minion as follows:

# check with the master
# say my name
id: minion1

Restart salt-master using sudo /etc/init.d/salt-master restart and if all goes well, restart salt-minion on the same host using sudo /etc/init.d/salt-minion restart.

Once the salt-master and salt-minion restarted successfully, I ran sudo salt-key -L to list all the keys on the master. You should see a list of all accepted, rejected and unaccepted keys. You should see the minion name you set using id in your minion config here. If you don’t see that or you see a different name, you should check your config.

You can then run sudo salt-key -A and accept the keys waiting to be accepted. You’re now ready to do some basic commands on your minion. In our case, the minion is on the mater itself.

If you do a, you should see a response like this:

$ sudo salt minion1

or perhaps you want to check the uptime of the host:

$ sudo salt minion1 status.uptime
     05:07:37 up 16 days, 23:42,  1 user,  load average: 0.00, 0.00, 0.00

There’s of course a ton of commands that you can run against the minion now. Refer to SaltStack documentation or this cheat sheet to get started.

Next time, we’ll take a look into salt states and salt-cloud.